Skip to content
Back to home
Audit trail

The discipline ledger.

Four cadence rituals govern this codebase. They run on a clock, enforced by CI. Their entries are append-only, never deleted, and published as written.

Most companies say they have a quality process. This page is the process — public, dated, every entry retrievable. Drift would show up here first.

Quality Council

every 3 days · activation: Quality Council

18 entries

A 30-minute synthesis review pulling the ratchet movements, top user-reported issues, top internal regressions, and a forward-looking question that prevents drift into "we always measure these things."

Latest entry · 2026-07-11
### Top-line numbers (snapshot at B4234)
- **Builds since the last council (2026-07-04, B4100):** ~134 (B4101 → B4234)
- **Tests:** **12,625 passing** (vitest, 960 files), 0 failing, 4 skipped — up ~690 from B4100's 11,937.
- **CI ratchets:** 82 gates; **untested-public-api 153 → 28 (−125 over the window — a larger drop than last window's record −84)**. The "LLM-mock tier" the B4100 council gated on a reviewed template is DONE: the `vi.hoisted` + `vi.mock('@anthropic-ai/sdk')` template fanned out across the whole Manhattan learning stack (dreaming, episodic-trace, taste-model, skill-frontier, plateau, predictive-wounds, prosodic-skeleton, hippocampal-replay, quality-gate, c
Read the full log on GitHub →

Trust Decay Audit

every 14 days · activation: Trust Decay Audit

7 entries

Walks every public claim (homepage, /scoring/standard, /the-receipts, reproducibility seal) against verified implementation facts. Catches drift between what the site says and what the code does before users do.

Latest entry · 2026-07-06
**Trigger:** Deep Audit 2026-07-06 Tier-1 #4 (cadence due — last entry 2026-06-19,
17 days). First trust-decay audit with LIVE JS-RENDERED evidence: Chrome captures
of /, /leaderboard, /albums, /pricing, /api/health at deployed build 4129
(`a171c3d` = local HEAD at capture).
### Mechanical layer — GREEN
- `npm run audit:trust`: **33/33 claims verified** (captured this session).
Read the full log on GitHub →

Bet Reviews

every 45 days · activation: Bet Review

3 entries

Lists 5 builds shipped 45 days ago, marks each as moved-the-metric / didn't / killed. The retrospective discipline — pruning what didn't work is harder than shipping what does.

Latest entry · 2026-07-16
Third Bet Review, filed at B4309 by the cadence-runner agent (57 days
since the 2026-05-20 entry; its self-scheduled 2026-07-04 review date
is 12 days past; CI-red would arrive 2026-07-20). Per the protocol,
the reviewed window is builds shipped ~45 days ago: **B3527-B3583
(2026-05-29 → 2026-06-04)** [SRC: `git log --since=2026-05-29
--until=2026-06-04`]. 2,030 commits landed since the last entry
Read the full log on GitHub →

External Audit Prep

every 45 days · activation: External Audit Prep

2 entries

Generates the brief for the next external reviewer trio (engineer / songwriter / AI safety researcher). The forcing function that keeps internal claims honest under outside scrutiny.

Latest entry · 2026-04-25
This is the brief that gets sent to the first three external reviewers
once the operator identifies + recruits them. The brief itself is a
ritual artifact: it forces us to write down the questions before we
hear answers we can't unhear.
### Reviewers
- **Engineer:** TBD — target: senior IC at a music-tech company (Splice, Output, LANDR, Native Instruments, or similar). Compensation: $500 + 60-min review every 45 days.
Read the full log on GitHub →

How "overdue" gets enforced

Every push runs npm run check:cadence-health. If any cadence is past its threshold (Quality Council > 7 days, Trust Decay > 22 days, Bet Review + External Audit > 60 days) the gate fails and the deploy blocks. Drift can't accumulate silently — the next push won't go out until the overdue ritual runs and an entry lands here.

That's what makes the discipline real. A ritual unenforced is a ritual that decays. The 22 CI ratchets in the codebase work the same way — every metric only moves down.